1、审计用户 TEST 的密码修改。
1)创建审计记录表,记录密码修改。
create table FC.record_passwd_change as
select SID, username, osuser, machine, program, logon_time
from v$session
where 1 = 2;
select SID, username, osuser, machine, program, logon_time
from v$session
where 1 = 2;
2)创建tigger
create or replace trigger FC.record_passwd_change_for_test
AFTER ALTER on DATABASE
begin
if (ora_dict_obj_name = 'TEST') then
/*INSERT INTO record_logon values (ora_login_user, systimestamp);*/
insert into FC.record_passwd_change
select SID, username, osuser, machine, program, logon_time
from v$session
where sid in (select distinct (sid) from v$mystat);
end if;
end;
AFTER ALTER on DATABASE
begin
if (ora_dict_obj_name = 'TEST') then
/*INSERT INTO record_logon values (ora_login_user, systimestamp);*/
insert into FC.record_passwd_change
select SID, username, osuser, machine, program, logon_time
from v$session
where sid in (select distinct (sid) from v$mystat);
end if;
end;
2、禁止修改TEST用户的密码。
create or replace trigger FC.NO_PASSWD_CHANGE_FOR_TEST
before alter on database
begin
if (ORA_DICT_OBJ_NAME = 'TEST') then
RAISE_APPLICATION_ERROR(-20001,
'NO PERMIT TO CHANGE PASSWORD FOR TEST !');
end if;
end;
before alter on database
begin
if (ORA_DICT_OBJ_NAME = 'TEST') then
RAISE_APPLICATION_ERROR(-20001,
'NO PERMIT TO CHANGE PASSWORD FOR TEST !');
end if;
end;